Data Protection Archive
‘GDPR’ has become a familiar term. We recognise the visible and consumer-facing aspects of it in our everyday lives. As privacy professionals, we see consumers exercising their rights to withdraw consent to their data being processed via ‘opt out’ or …
You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Its rules don’t only cover written details, like names and addresses; it applies to any information that can identify someone. That includes pictures …
The GDPR (General Data Protection Regulation) isn’t just about implementing technological and organisational measures to protect the information you store. You also need to demonstrate your compliance, which is why data security policies are essential. These documents form part of …
As we emerge from the pandemic, hybrid working has proven hugely popular for individuals and organisations alike: staff enjoy increased flexibility and reduced commuting, and organisations benefit from lower overheads and greater productivity. Plus, the environmental benefits of homeworking are unmistakable. However, hybrid working also provides greater opportunities for cyber criminals. It introduces new security vulnerabilities, makes staff more susceptible …
A UK government report published last year found that 48% of organisations lacked the expertise to complete routine cyber security practices. This includes an inability to protect against malware, set access controls and apply updates. The report also found that …
The documentation of processing activities is a new legal requirement under the EU GDPR (General Data Protection Regulation). Documenting your processing activities can also support good data governance, and help you to demonstrate your compliance with other aspects of the …
The EU GDPR (General Data Protection Regulation) requires certain organisations to appoint a DPO (data protection officer) to comply with the Regulation. However, a shortage of DPOs means many organisations appoint staff to act as DPOs without the proper level of expertise, experience or qualifications. The …
Under the General Data Protection Regulation (GDPR), organisations must create a privacy notice explaining to individuals how their personal information is used. But what is a privacy notice, and what should it contain? We explain everything you need to know in …
Under the GDPR, DPIAs (data protection impact assessments) are mandatory for data processing that is “likely to result in a high risk to the rights and freedoms of data subjects”. Effectively a type of risk assessment, DPIAs assess how these …
Looking for affordable ways to keep your data secure? Sometimes the simplest solutions are the best – and nothing beats the simplicity of a book. With books, you get expert advice at your fingertips. You can study whenever is convenient …
